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REMARKS 

Claims 1-28 are ciirrently pending in the subject application, and are presently under 
consideration. Claims 1-28 are rejected. Favorable reconsideration of the application is 
requested in view of the amendments and comments herein. 

Claim 1 has been amended to included the elements of claim 8. Claim 8 has been 
canceled. Claim 9 has been ainended to depend from amended claim 1. 

Claim 18 has been amended to include the elements of claim 22. Claims 19 and 20 have 
been amended to remain consistent with amended claim 18. Claims 21 and 22 have been 
canceled. 

Claim 23 has been amended to include the elements of claim 27. Claim 25 has been 
amended to remain consistent with amended claim 23. Claim 26 and 27 have been canceled. 
Claim 28 has been amended to depend from amended claim 23. 



1. Rejection of Claims 1. 18 and 23-25 Under 35 U.S.C. S102fe) 

Claims 1, 18 and 23-25 stand rejected under 35 U.S.C. §102(e) as being anticipated by 
Cordery, et al. ("Cordery"), U.S. Patent No. 6,134,328. Withdrawal of this rejection is 
respectfully requested for at least the following reasons. 

As stated above, claim 1 has been amended to include the elements of claim 8. 
Accordingly, in the following arguments, the Applicant will respond to the rejections of claims 1 
and 8. 

As admitted in the Office Action, Cordery does not teach or suggest notifying a personal 
revocation authority (PRA) that a user has lost a user signature certificate, the notifying 
occurring before creating, as recited in amended claim 1 (See Office Action, Page 8, lines 1-2). 
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In contrast to the contention of the Office Action, the addition of U.S. Pub. No. 
2001/001266 to Asay, et al. ("Asay") does not cure the deficiencies of Cordery. Asay does not 
teach or suggest a notifying a PRA that a user has lost a signature certificate, the notifying 
occurring before creating, as recited in amended claim 1 . The Office Action alleges that the 
"subscriber" disclosed in Asay corresponds to the PRA recited in amended claim 1 (See Office 
Action, Page 8, para. 3). However, the subscriber disclosed in Asay clearly does not correspond 
to the PRA recited in aiiiended claim 1. The subscriber disclosed in A.say is a person identified 
in a certificate as the holder of a private key corresponding to a public key listed in the certificate 
(See Asay, para. [0008]). The subscriber disclosed in Asay would much more closely 
correspond to the user recited in amended claim 1, not the PRA. The PRA recited in amended 
claim 1 is a person that may be, for example, a manager or a supervisor of the user (See Spec, 
Page 14, lines 14-20) and claim 11. Thus, it is clear that the user and the PRA recited in amended 
claim 1 are not the same person. In amended claim 1, someone other than the user (the PRA) is 
notified that the user has lost his/her signature certificate. In sharp contrast, Asay teaches that 
the subscriber revokes his/her own lost certificate (See Asay, para. [0014]). Asay does not teach 
or suggest that any other person is notified about the lost certificate before the creation of an 
authenticated secure channel with a registration web server, as recited in claim 1. Therefore 
Cordery and Asay, taken individually or in combination, do not teach or suggest amended 
claim 1. 

It is also respectfully submitted that one of ordinary skill in the art would not look to 
modify and combine the teachings of Cordery in view of Asay in the manner suggested by the 
Office Action with respect to claim 8. Cordery discloses a system and method for allowing a 
postal service to employ a certificate authority (CA) to provide for universal access to a postage 
meter system (See Cordery, Col. 3, lines 49-53). Thus, in Cordery, a postal service employing 
the system disclosed in Cordery would rely on the verification purported by the CA. Nothing in 
Cordery would teach or suggest increasing human involvement during the revocation of a 
certificate. That is, Cordery does not teach or suggest notifying a PRA that a user has lost a user 
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signature certificate, as recited in amended claim 1. Assuming arguendo that Cordery does teach 
or suggest increasing human involvement in the certificate revocation process, the purported 
combination of Cordery and Asay still fails to make amended claim 1 obvious for the reasons 
stated above. Accordingly, reconsideration and allowance of amended claim 1 is respectfully 
requested. 

As stated above claim 18 has been amended to include the elements of claim 22. 
Accordingly, in the following arguments, the Applicant will respond to the rejections of claims 
18 and 22. 

As admitted in the Office Action, Cordery does not teach or suggest a PRA, as recited in 
amended claim 18. The addition of U.S. 6,715,073 to An, et al. ("An, et al.") does not cure the 
deficiencies of Cordery. The Office Action alleges that the "registration authority" disclosed in 
An, et al. corresponds to the PRA recited in amended claim 18 (See Office Action, Page 15, para. 
4). The PRA recited in amended claim 18 is a person (See Spec, Page 16, lines 21-22). 
Conversely, the registration authority disclosed in An, et al. is software. In fact, the Office 
Action even cites the Abstract of An, et al., which clearly discloses "registration authority 
running as a software." Thus, it is clear that the registration authority disclosed in An, et al. is 
not a person. Further, An, et al. does not teach or suggest that the registration authority could be 
a person. Accordingly, it is clear the registration authority disclosed in An, et al. is not the PRA 
recited in amended claim 18. Since Cordery and An, et al., taken individually or in combination, 
do not teach or suggest amended claim 18, reconsideration and allowance of claim 18 is 
respectfiiUy requested. 

As stated above, claim 23 has been amended to include the elements of claim 27. 
Accordingly, in the following arguments, the Applicant will respond to the rejections of claims 
23 and 27. Amended claim 23 recites a system that is generally similar to amended claim 1. 
Accordingly, amended claim 23 (as well as claims 24-25 depending therefrom) is patentable for 
substantially the same reasons as amended claim 1. 
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For the reasons stated above, claims 1, 18 and 23-25 should be patentable over the cited 
art. Reconsideration and allov^ance of claims 1, 18, and 23-25 are respectfully requested. 

11. Rejection of Claims 2-4, 7. 21 and 26 Under 35 U.S.C. S103(a) 

Claims 2-4, 7, 21 and 26 stand rejected under 35 U.S.C. §103(a) as being unpatentable 
over U.S. 6,134,328 to Cordery, et al. ("Cordery^j in view of U.S. 5,774,552 to G-rimmer 
("Grimmer"). Withdrawal of this rejection is respectfully requested for at least the following 
reasons. 

Claims 21 and 26 have been canceled. Accordingly, the rejection of claims 21 and 26 is 
now moot. 

Claim 2 depends from amended claim 1, and is allowable over Cordery in view of Asay 
for substantially the same reasons as amended claim 1 . Additionally, as admitted in the Office 
Action, Cordery does not teach or suggest generating a directory password for the user during the 
creation of the user signature certificate, as recited in claim 2. The addition of Grimmer does not 
cure the deficiencies of Cordery in view of Asay. 

Grimmer teaches a method and apparatus for retrieving X.509 certificates from an X.500 
directory service agent. (See Grimmer, Col. 1, lines 9-10). Grimmer also teaches a 
UserPassword attribute that is defined to hold user password information in the X.500 directory, 
where a user can query a directory to verify that a password it received from a different user 
matched the one held in the X.500 directory. Grimmer teaches that a UserPassword attribute is 
defined in the X.500 standard, but is silent on when the UserPassword attribute is created. 
Accordingly, Grimmer does not teach or suggest generating a directory password for the user 
during the creation of the user signature certificate, as recited in claim 2. 

Additionally, nothing in Cordery suggests creating a directory password for a user during 

creation of the user signature certificate. The conclusion of obviousness based on the 
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combination of Cordery and Grimmer thus appears to be based on improper hindsight in which 
the present application provides the missing motivation to modify the combination of Cordery 
and Grimmer in the maimer suggested in the Office Action, as Cordery fails to teach or suggest 
the use of a password. Assuming arguendo that the combination of Cordery and Grimmer does 
teach creating both a password and a digital certificate, the purported combination still fails to 
teach that the password is created during the creation of the user signature certificate as recited in 
claim 2. Accordingly, reconsideration and allcwance of claim 2 is respectfiilly requested. 

Claims 3-4 and 7 depend directly or indirectly from claim 2 and are allowable over 
Cordery in view of Asay in further view of Grimmer for substantially the same reasons as 
claim 2. 

For the reasons described above, claims 2-4 and 7 should be patentable over Cordery in 
view of Assay in further view of Grimmer. Accordingly, withdrawal of this rejection is 
respectfully requested. 

III. Reiection of Claim 5 Under 35 U,S.C, S103(a) 

Claim 5 stands rejected under 35 U.S.C. § 103(a) as being unpatentable over U.S. 
6,134,328 to Cordery, et al. ("Cordery") in view of U.S. 5,774,552 to Grimmer ("Grimmer") in 
further view of U.S. Pub. No. 2002/0007454 to Tarpenning, et al. ("Tarpenning"). Withdrawal 
of this rejection is respectfully requested for at least the following reasons. 

Claim 5 depends from claim 3, and is allowable over the cited prior art for substantially 
the same reasons as claim 3, which depends from claims 1 and 2. Additionally, as stated above 
with respect to claim 1 , Cordery in view of Asay fails to teach or suggest notifying a PRA that a 
user has lost a user signature certificate, the notifying occurring before creating. 
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As admitted in the Office Action, Cordery and Grimmer do not teach or suggest sending 
the user one of a password and a personal identification number (PIN) by the registration web 
server after the setting of the user entry, as recited in claim 5. The addition of Tarpenning does 
not cure the deficiencies of Cordery in view of Asay in view of Assay in furhter view of 
Grimmer. 

Tarpenning teaches a delivery system for managing security keys using three key pairs to 
establish, register, move, and revoke rights in a device to view protected information. (See 
Abstract of Tarpenning). In rejecting claim 5, the Office Action specifically relies on FIG. 5 for 
its showing of a flow chart of a process for moving a certificate from one device to another. 
(Tarpenning, para. [0021]). The Office Action equates step 1025 of FIG. 5 as teaching sending 
the user one of a password and a PIN because of step 1025's teaching of sending confirmation of 
a revocation request to the authentication server. The "confirmation" taught in Tarpenning, 
however, is only a notification that revocation has occurred. Tarpenning does not teach or 
suggest that one of a password and a PIN is sent to the user after setting the user entry in the 
directory. Tarpenning assumes that the devices from which the certificate is being moved are 
both connected to the server simultaneously, so that the certificate can be revoked from one 
device and issued to the other device in a short period of time. (Tarpenning, para. [0042]). This 
revocation taught by Tarpenning thus occurs without sending the user any PIN or password after 
setting a user entry, as recited in claim 5. 

For the reasons stated above, claim 5 is patentable over Cordery in view of Asay in 
fiirther view of Grimmer in fiirther view of Tarpenning. Accordingly, reconsideration and 
allowance of claim 5 is respectfiiUy requested. 
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IV. Rejection of Claim 6 Under 35 U,S,C. S103(a) 

Claim 6 stands rejected under 35 U.S.C. §103(a) as being unpatentable over U.S. 
6,134,328 to Cordery, et al. ("Cordery") in view of U.S. 5,774,552 to Grimmer ("Grimmer") in 
view of U.S. Pub. No. 2002/0007454 to Tarpenning, et al. ("Tarpenning") in further view of U.S. 
5,982,898 to Hsu, et al ("Hsu"). Withdrawal of this rejection is respectfully requested for at least 
the following reasons. 

Claim 6 depends from claim 5, and is allowable over Cordery in view of Asay in view 
Grimmer in view of Tarpenning in further view of Hsu for substantially the same reasons as 
claim 5. As mentioned above with respect to claim 5, Cordery, Asay, Grimmer, and Tarpenning 
fail to teach or suggest sending a user one of a password and a personal identification number 
(PIN) by a registration web server after setting a user entry. Moreover, as admitted in the Office 
Action, Cordery, Grimmer, and Tarpenning do not teach or suggest requesting a signature 
certificate by the user using a directory password and one of the password and the PIN. 

The addition of a fifth reference, namely Hsu, does not cure the deficiencies of Cordery 
in view of Asay in view of Grimmer in further view of Tarpenning. Hsu teaches the use of 
certifications used in connection with secure and authorized communications. (Hsu, Col. 1, lines 
4-5). Hsu also teaches when a user needs a certificate, the user contacts the certification 
authority (CA), and identifies him/herself with a password, and submits to the CA some other 
information, such as a purpose as to why the user wishes to apply for the certificate. (Hsu, Col. 4 
lines 56-60). Hsu teaches only a single mechanism to identify the requestor. Hsu does not teach 
or suggest requesting a new signature certificate by the user using a directory password and one 
of a password and a PIN, as recited in claim 6. 

For the reasons stated above, claim 6 should be patentable over Cordery in view of Asay 
in view of Grimmer in view of Tarpenning, in further view of Hsu. Accordingly, reconsideration 
and allowance of claim 6 is respectfully requested. 
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V. Rejection of Claims 8 and 27 Under 35 U,S,C. S103(a) 

As stated above, claims 8 and 27 have been canceled. Accordingly, the rejection of 
claims 8 and 27 is now moot. 

VI. Rejection of Claims 9-11 and 28 Under 35 V.S.C. S103(a) 

Claims 9-1 1 and 28 stand rejected under 35 U.S.C. §103(a) as being unpatentable over 
U.S. 6,134,328 to Cordery, et al. ("Cordery") in view of U.S. Pub. No. 2001/001 1255 to Asay, et 
al. ("Asay") in further view of U.S. 6,715,073 to An, et al. ("An, et al."). Withdrawal of this 
rejection is respectfully requested for at least the following reasons. 

Amended claim 9 is allowable for substantially the same reasons as amended claim 1 
from which it depends. As admitted in the office action, the combination of Cordery and Asay 
does not teach or suggest that creating and requesting are initiated by a PRA, as recited in 
amended claim 9. 

In contrast to the contention of the Office Action, the addition of An, et al. does not cure 
the deficiencies of Cordery in view of Asay. An, et al. teaches a registration system in which 
information about personal vaults is stored in an X.500 directory. (An, et al.. Col. 3, lines 45-46) 
An, et al. also teaches a registration authority running as a software application in the controller 
processes requests to issue and revoke digital certificates issued by a Certification authority. (An, 
et al., Col. 4 lines 40-44). The "registration authority" referred to in An, et al. is software in 
contrast to the PRA recited in amended claim 9 which corresponds to a person. (See, e.g. 
Page 13, lines 20-22). 

Assuming arguendo that An, et al. does teach or suggest that the registration authority 
could be a person, An, et al. still fails to make amended claim 9 obvious. An, et al. does not 
teach or suggest that the creating and requesting are initiated by a PRA, as recited in amended 
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claim 9. Instead, the registration authority processes requests to issue, revoke, suspend, resume 
or renew a user's right to digital certificates (An, et al. Col. 4, Lines 40-43). Since the 
registration authority disclosed in An, et al. can process requests for revocation, there is no need 
to have the registration authority request a revocation of a certificate fi-om another entity (such as 
the registration web server recited in amended claim 1, fi-om which amended claim 9 depends). 
That is, An, et al. does not teach or suggest that the registration authority initiates a request for 
revocation. Thus, taken individually or in combination, Ccrder}^ .Asay, and A_n^ et do not 
teach or suggest amended claim 9. Accordingly, reconsideration and allowance of amended 
claim 9 is respectfully requested. 

Claim 10 depends fi"om amended claim 9 and is allowable for substantially the same 
reasons as amended claim 9. Claim 1 1 and amended claim 28 depend fi-om claims 10 and 23, 
respectively, and are allowable for substantially the same reasons as claims 10 and 23. 

Additionally, in contrast to the contention of the Office Action, the addition of An, et al. 
does not cure the deficiencies of Cordery in view of Asay with respect to claims 1 1 and 28. An, 
et al. teaches a web server-vault controller interacting with client browsers and registration 
authority browsers for purposes of linking them through a communications supervisor to their 
respective vaults and processes for registrations and certification processes (An, et al.. Col. 5, 
lines 7-13). The Office Action specifically relies on FIG. 4 reference number 32 for teaching a 
request supervisor, a communication supervisor and a service supervisor. The "supervisors" 
relied on in the Office Action refer to software applications that interact wdth a server. (An, et al.. 
Col. 8, lines 17-24). The supervisor recited in claims 1 1 and 28 is a person; namely, the 
supervisor of the user whose signature certificate is to be revoked. Since, taken individually or 
in combination, Cordery, Asay, and An, et al. do not teach or suggest that the PRA is a 
supervisor of a user, as recited in claim 1 1 and 28, reconsideration and allowance of claims 1 1 
and 28 is respectfiiUy requested. 
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VII. Rejection of Claims 12-13 Under 35 U.S.C. SlOSfa) 

Claims 12 and 13 stand rejected under 35 U.S.C. §103(a) as being unpatentable over 
U.S. 6,134,328 to Cordery, et al. ("Cordery") in view of U.S. Pub. No. 2001/001 1255 to Asay, et 
al. ("Asay") in view of U.S. 6,715,073 to An, et al. ("An, et al.") in further view of U.S. 
6,367,012 to Atkinson et al. ("Atkinson"). Claim 12 depends from claim 10 and is allowable for 
substantially the same reasons as claim 10. Claim 13 depends from claim 12 and is allowable for 
substantially the same reasons as claim 12. Since claim 12 and 13 depend from allowable claim 
10, reconsideration and allowance of claims 12 and 13 is respectfully requested. 



VIII. Rejection of Claim 14 Under 35 U.S.C. S103fa) 

Claim 14 stands rejected under 35 U.S.C. §103(a) as being unpatentable over U.S. 
6,134,328 to Cordery, et al. ("Cordery") in view of U.S. Pub. No. 2001/0011255 to Asay, et al. 
("Asay") in view of U.S. 6,715,073 to An, et al. ("An, et al.") in view of U.S. 6,367,012 to 
Atkinson et al. ("Atkinson") in further view of U.S. 5,774,552 to Grimmer ("Grimmer). 

Claim 14 depends from claim 13 and is allowable for substantially the same reasons as 
claim 13. As admitted in the Office Action, the combination of Cordery, Asay, An, et al. and 
Atkinson does not teach or suggest generating a directory password for the user during the 
creation of the user certificate. Claim 14 recites generating a directory password, which was also 
recited in claim 2, and is therefore allowable for substantially the same reasons as claim 2. 
Further, the combination of six references to establish a case of obviousness appears to be based 
on improper hindsight in which claim 14 is impermissibly being used as a blueprint to piece 
together elements in the prior art. Applicant requests that the Examiner show reasons that a 
skilled artisan, confronted with the same problems as the inventor and with no knowledge of the 
claimed invention would select the elements from the cited prior art references for combination 
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in the manner claimed. See, InreRouffet 47 U.S.P.Q.2d 1453, 1457 (Fed. Cir. 1998). 
Reconsideration and allowance of claim 14 is respectfully requested. 

IX. Rejection of Claim 15 Under 35 U.S.C. S103(a) 

Claim 15 stands rejected under 35 U.S.C. § 103(a) as being unpatentable over U.S. 
6,134,328 to Cordery, et al. ("Cordery") in view of U.S. Pub. No. 2001/001 1255 to Asay, et ai. 
("Asay") in view of U.S. 6,715,073 to An, et al. ("An, et al.") in view of U.S. 6,367,012 to 
Atkinson et al. ("Atkinson") in view of U.S. 5,774,552 to Grimmer ("Grimmer) in further view 
of U.S. Pub. No. 2002/0007454 to Tarpenning, et al. ("Tarpenning"). 

Claim 15 depends from claim 14 and is allowable for substantially the same reasons as 
claim 14. Claim 15 recites sending a user one of a password and a personal identification 
number (PIN) by the registration web server after the setting of the user entry which is also 
recited in claim 5, and is therefore allowable for substantially the same reasons as claim 5. 
Further, the combination of seven references to establish a case of obviousness appears to be 
based on improper hindsight in which claim 15 (like claim 14) is impermissibly being used as a 
blueprint to piece together elements in the prior art. The Examiner must show reasons that a 
skilled artisan, confronted v^th the same problems as the inventor and with no knowledge of the 
claimed invention would select the elements from the cited prior art references for combination 
in the manner claimed. In re Rouffet, supra. Reconsideration and allowance of claim 15 is 
respectfully requested. 

X. Rejection of Claim 16 Under 35 U.S.C. S103(a) 

Claim 16 stands rejected under 35 U.S.C. § 103(a) as being unpatentable over U.S. 
6,134,328 to Cordery, et al. ("Cordery") in view of U.S. Pub. No. 2001/001 1255 to Asay, et al. 
("Asay") in view of U.S. 6,715,073 to An, et al. ("An, et al.") in view of U.S. 6,367,012 to 
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Atkinson et al. ("Atkinson") in view of U.S. 5,774,552 to Grimmer ("Grimmer) in view of U.S. 
Pub. No. 2002/0007454 to Tarpenning, et al. ("Tarpenning") in further view of U.S. 5,982,898 to 
Hsu, et at. ("Hsu"). 

Claim 16 depends from claim 15 and is allowable for substantially the same reasons as 
claim 15, as well as for substantially the same reasons as claim 6. Accordingly, reconsideration 
and allowfmce nf claim 16 is respectfully requested. 

XI. Reiection of Claim 17 Under 35 U.S.C. S103(a) 

Claim 17 stands rejected under 35 U.S.C. §103(a) as being unpatentable over U.S. 
6,134,328 to Cordery, et al. ("Cordery") in view of U.S. 6,715,073 to An, et al. ("An, et al."). 
Claim 17 depends from claim 1 and is patentable over Cordery in view of Asay, in fiirther view 
of An, et al. for substantially the same reasons as claim 1 . 

XII. Rejection of Claims 19 and 20 Under 35 U.S.C. S103(a) 

Claims 19 and 20 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over U.S. 
6,134,328 to Cordery, et al. ("Cordery") in view of U.S. 6,367,012 to Atkinson et al. 
("Atkinson"). Amended claims 19 and 20 which depend from claim 18, are patentable over 
Cordery in view An, et al. in ftirther view of Atkinson for substantially the same reasons as 
claim 18. 

XIII. Reiection of Claim 22 Under 35 U.S.C. S103(a) 

Claim 22 has been canceled. Accordingly, the rejection of claim 22 is now moot. 
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CONCLUSION 



In view of the foregoing remarks. Applicant respectfully submits that the present 
application is in condition for allowance. Applicant respectfully requests reconsideration of this 
application and that the application be passed to issue. 

If the Examiner has any questions or if the Applicant or its representative can be of any 
assistance in connection with prosecution of this application, the Examiner is invited and 
encouraged to contact the undersigned at the nimiber identified below. 

Please charge any deficiency or credit any overpayment in the fees for this amendment to 
our Deposit Account No. 20-0090 



Respectfully submitted, 




Registration No. 39,334 



Customer No.: 26,294 



TAROLLI, SUNDHEIM, COVELL, & TUMMINO L.L.P. 

526 Superior Avenue, Suite 1111 



Cleveland, Ohio 44114-1400 
Phone: (216)621-2234 
Fax: (216)621-4072 
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